libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0070.html | |
http://online.securityfocus.com/archive/1/263121 | Exploit Patch Vendor Advisory |
http://www.iss.net/security_center/static/8593.php | |
http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-026.php | Patch Vendor Advisory |
http://www.securityfocus.com/bid/4326 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2002-04-22 04:00
Updated : 2008-09-11 00:00
NVD link : CVE-2002-0175
Mitre link : CVE-2002-0175
CVE.ORG link : CVE-2002-0175
JSON object : View
Products Affected
avaya
- libsafe
CWE